<?php
namespace Seller\Controller;
use Think\Controller;

class AuthController extends CommonController
{
    public function _initialize()
    {
        // 数组存放不需添加进权限控制的方法
        $params = array("administrators","add_administrators","edit_admin");
        parent::_initialize($params);
    }

    // 管理员列表
    public function administrators()
    {
        $role = D("RoleView");
        $where = array();
        //自己店铺的
        $where['shop_id'] = session('shop_id');
        if(isset($_REQUEST['mName']))
        {
            $mName = trim($_REQUEST['mName']);
            $roleId = trim($_REQUEST['r_id']);
            $status = trim($_REQUEST['sta']);
            if($mName != ''){
                $where['manager.name'] = array("like" ,"%$mName%");
            }
            if($status != ''){
                $where['manager.m_status'] = array("eq" ,$status);
            }
            if($roleId != ''){
                $where['role_manager.role_id'] = array("eq" ,$roleId);
            }
        }
        $count = $role->where($where)->count();
        $page = set_page($count, C('PAGE_NUM'));
        $admins = $role->where($where)->limit($page->firstRow.','.$page->listRows)->select();
        $show = $page->show();
        $this->assign('page',$show);
        $this->assign('admins', $admins);
        $this->roleList = M("role")->where("role_status = 1")->select();
        $this->display();
    }

    // 添加管理员
    public function add_administrators()
    {
        if(IS_POST)
        {
            $name = trim(I("post.name"));
            $mobile = trim(I("post.mobile"));
            $email = trim(I("post.email"));
            $role_id = to_int(I("post.role_id"));
            $pwd = trim(I("post.pwd"));
            if($name == '' || $mobile == '' || $email == '' || $role_id == 0 || $pwd ==''){
                $this->error("信息填写不完整" ,$_SERVER['HTTP_REFERER'] ,1);
            }
            //验证manager重复性
            $res = M("manager")->where(array('mobile'=>$mobile))->find();
            if($res){
                $this->error("该手机号码已有管理员身份",$_SERVER['HTTP_REFERER'],1);
            }
            $insertData['name'] = $name;
            $insertData['mobile'] = $mobile;
            $insertData['email'] = $email;
            $insertData['salt'] = substr(md5(time() . $name) ,-5);
            $insertData['password'] = md5(md5($pwd) .$insertData['salt']);
            $insertData['shop_id'] = session("shop_id");
            $rs = M("manager")->add($insertData);
            if($rs !== false){
                M("role_manager")->add(array('role_id' => $role_id ,'manager_id' => M("manager")->getLastInsID()));
                $this->success("添加成功" ,U("Auth/administrators") ,1);
            }else{
                $this->error("添加失败" ,$_SERVER['HTTP_REFERER'] ,1);
            }
        }else{
            $this->roleList = M("role")->where("role_status = 1")->select();
            $this->display();
        }
    }

    // 编辑管理员
    public function edit_admin()
    {
        if(IS_POST)
        {
            $mobile = trim(I("post.mobile"));
            $email = trim(I("post.email"));
            $role_id = to_int(I("post.role_id"));
            $manager_id = to_int(I("post.manager_id"));
            $pwd = trim(I("post.pwd"));
            if($mobile == '' || $email == '' || $role_id == 0){
                $this->error("信息填写不完整" ,$_SERVER['HTTP_REFERER'] ,1);
            }
            $manager = M("manager")->where("id = $manager_id")->find();
            if(!$manager){
                $this->error("非法操作!" ,$_SERVER['HTTP_REFERER'] ,1);
            }
            $saveData['mobile'] = $mobile;
            $saveData['email'] = $email;
            if($pwd !=''){
                $saveData['password'] = md5(md5($pwd) . $manager['salt']);
            }
            // 超管改掉状态，不可关闭的账号
            if($manager_id == 1) $saveData['m_status'] = 1;
            $rs = M("manager")->where("id = $manager_id")->save($saveData);
            if($rs !== false){
                M("role_manager")->where("manager_id = $manager_id")->save(array('role_id' => $role_id));
                $this->success("修改成功" ,U("Auth/administrators") ,1);
            }else{
                $this->error("修改失败" ,$_SERVER['HTTP_REFERER'] ,1);
            }
        }else{
            $manager_id = to_int(I("get.id"));
            $manager = D("RoleView")->where("manager.id = $manager_id")->find();
            if(!$manager){
                $this->error("请求失败" ,$_SERVER['HTTP_REFERER'] ,1);
            }
            $this->manager = $manager;
            $this->roleList = M("role")->where("role_status = 1")->select();
            $this->display();
        }
    }
}